Non-Privileged Access to Data Independent of Filesystem Implementation

ABSTRACT

An application programming interface (API) module provides access to data, independent of filesystem implementation in a non-privileged user mode. A discovery volume having a filesystem recognizable by an operating system has cover files which prevent damage to data stored in an unrecognizable primary volume. The discovery volume also includes a data access API available for execution in a non-privileged user mode to render the primary volume accessible by operating systems which would otherwise find the primary volume unrecognizable.

CROSS REFERENCE TO RELATED PATENT APPLICATIONS

This is a continuation application which claims priority to commonly assigned, co-pending U.S. patent application Ser. No. 12/390,357, filed Feb. 20, 2009, which application is hereby incorporated in its entirety by reference.

BACKGROUND

Access to data across multiple filesystems is a significant concern for computer users. Users may encounter difficulties when trying to access filesystems supported in a source system but not supported in an accessing system. For example, an older version of an operating system may be unable to access a volume created in a newer version of the operating system because of new features present in the filesystem of the newer version, which render the newer version inaccessible to the older version.

Attempts to access volumes containing a filesystem incompatible with the accessing device may have unintended consequences for users. The accessing system may not recognize the filesystem of the source system and present the volume as “raw,” or apparently unrecognized. At the least, the accessing system may not be able to determine that data is present on that volume. At worst, an accessing system which fails to recognize the volume may prompt the user to reformat the entire volume, causing loss of the data in the volume.

Furthermore, loading of special drivers or software to allow access to a volume ordinarily unrecognizable by an operating system has traditionally required execution in kernel mode, thus running afoul of security policies which limit execution to user mode.

SUMMARY

An original boot region (or boot sectors) of a primary volume on a computer readable storage medium is defined as a virtualized region. The virtualized region and its data are moved to another location on the primary volume. A discovery volume is initialized, which takes the place of the virtualized region, using an application programming interface (API). The discovery volume acts as an overlay for the primary filesystem and comprises a filesystem recognizable by a desired array of accessing devices. The discovery volume includes one or more pointers in its boot region, which lead to the virtualized region relocated to accommodate the discovery volume at the beginning of the volume. For example, a discovery volume using a File Allocation Table (FAT) filesystem contains boot region entries consistent with a FAT boot region, and one or more pointers to the relocated virtualized boot region of the primary filesystem.

The discovery volume stores a data access application programming interface (API) configured to allow an operating system of an accessing system to read a primary volume filesystem which would otherwise be unrecognizable by the operating system. This data access API executes in a non-privileged user mode, allowing its execution without requiring privileged kernel mode access. Use of an overlay comprising a commonly recognized format, for example a FAT volume, thus renders the primary filesystem on the volume independent of a source system. The discovery volume may also contain an information file for users, alerting them to the presence of data on the volume.

Cover files protect data in the primary filesystem when the primary filesystem is unrecognized by the accessing system. Cover files are file entries in the discovery volume filesystem which make it appear to the accessing system as though the discovery volume claims space actually used by the primary filesystem. Thus, while a discovery volume may actually utilize a small number of sectors on the disk, an accessing system may see the cover files of the discovery volume consuming the entire space.

When attempting to mount a disk containing a primary filesystem unrecognized by the accessing system, the accessing system will surface the discovery volume to the user. Based on the information presented in that discovery volume, a user may ascertain that another filesystem is present. Additionally, the presence of the discovery volume and cover files prevents an erroneous determination that the primary volume is “raw” or unformatted and a resulting presentation of a prompt to reformat the volume while also preventing unwanted overwriting of otherwise unrecognizable data in the primary volume.

Thus, the discovery volume is visible to a wide array of accessing systems, the cover files prevent accidental overwrite of data otherwise unrecognizable by the accessing systems, and the data access API allows the accessing systems to access the primary volume storing primary data using a non-privileged user mode.

This summary introduces the subject matter described below in the Detailed Description. This summary is not intended to identify essential features of the claimed subject matter, nor is it intended for use in determining the scope of the claimed subject matter.

BRIEF DESCRIPTION OF THE DRAWINGS

The disclosure is made with reference to the accompanying figures. In the figures, the left most reference number digit identifies the figure in which the reference number first appears. The use of the same reference numbers in different figures indicates similar or identical terms.

FIG. 1 is a diagram of an illustrative storage device sharing environment.

FIG. 2 is a diagram of a computer system with an attached storage device.

FIG. 3 is a diagram of a primary volume containing a discovery volume.

FIG. 4 is a diagram of an illustrative data access API.

FIG. 5 is a diagram of an illustrative process of building a discovery volume.

FIG. 6 is a diagram showing the appearance of a volume having a discovery volume and cover files before and after executing the data access API in a non-privileged user mode.

FIG. 7 is a diagram showing the appearance of a recognized primary volume, an unrecognized primary volume with and without cover files.

FIG. 8 is a flow diagram of an illustrative process of building a discovery volume including a data access API.

FIG. 9 is a flow diagram of an illustrative process of accessing primary data on a primary volume using the data access API.

DETAILED DESCRIPTION

Introduction

As noted above, when a filesystem on a volume is unrecognized, a user will be unable to access the data stored in the volume and may even be prompted to reformat or otherwise erase the data stored on that volume which appears raw. This application describes an application programming interface (API) and system to provide access to data, independent of filesystem implementation, in a non-privileged user mode.

The data at the beginning of a volume of a computer readable storage medium, including an original filesystem boot region, is defined as a virtualized region. The virtualized region is first moved to another location in a primary volume. A discovery volume is then written to the recently vacated space at the beginning of the volume. The discovery volume boot region contains entries consistent with a widely recognized filesystem boot region, including cover files and pointers to the virtualized region. The cover files claim blocks used by the primary volume filesystem as being used in the discovery volume filesystem. In other words, the cover files make it appear to the accessing system as though the discovery volume uses space actually used by the primary filesystem. Thus, while a discovery volume may actually utilize a small number of sectors on the disk, an accessing system may see cover files of the discovery volume consuming the entire space. This makes the entire volume appear to be in use, preventing accidental formatting or inadvertent overwrites of data. Cover files also provide access to the underlying volume.

The discovery volume stores a data access application programming interface (API) configured to allow the operating system of the accessing system to recognize a filesystem, which would otherwise be unrecognizable by the accessing operating system. This data access API executes in a non-privileged user mode, allowing its execution without requiring privileged kernel mode access, which may be restricted because of security policies or other concerns.

The discovery volume may also contain one or more information files describing the underlying primary filesystem. The information files may be visible to users and contain data which is human-readable, machine-readable, or both, as to the nature of the other volumes on the disk.

In one implementation, FAT format may be used for the discovery volume filesystem. Because of the FAT format's wide support, the discovery volume would be visible across a wide range of platforms and operating systems. However, any filesystem may be utilized which provides the desired visibility commonality across potential accessing systems.

Thus, when an accessing system attempts to mount a physical disk containing an unrecognizable primary volume, the accessing system will find the discovery volume accessible. The presence of the discovery volume prevents the accessing system from prompting the user to reformat the volume. The presence of the cover files prevents an inadvertent overwrite of data on the unsurfaced (that is, an unrecognized) primary volume, while the data access API gives an accessing system the ability to recognize and access the primary volume in a non-privileged user mode.

Illustrative Storage Device Sharing Environment

FIG. 1 is an illustrative storage device sharing environment 100. A user 102 is shown using computer system 104 running operating system “B.” Computer 104 is connected via a cable, wireless, network, etc., to storage device 106.

Storage device 106 may be any computer-readable storage medium including random access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory or other solid-state memory technology, compact disk read-only memory (CD-ROM), digital versatile disks (DVD) or other optical disk storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other medium which can be used to store the desired information and which can be accessed by a computing device. For example, storage device 106 may be a removable flash memory drive or a removable hard drive which the user may carry to other computers.

Stored on storage device 106 is a discovery volume 108 which contains a primary volume 110. Discovery volume 108 is hidden, because primary volume 110 is recognized and thus accessible by operating system A. Within discovery volume 108 is primary volume 110. Discovery volume 108 comprises a data access API 112 and a cover file 114. Within primary volume 110 is primary data 116. Primary data 116 may comprise data stored by computer 104 or other computers and may include data files such as documents, multimedia files, etc.

Computer system 118 running operating system “B” is then connected to storage device 106. Operating systems A and B may be different operating systems, or different versions of the same operating system. In the illustrated example, operating system B on computer 118 is unable to recognize the filesystem used by operating system A of computer 104, as shown at 120. Thus computer 118 cannot access the primary volume 110. However, operating system B on computer 118 is able to access discovery volume 108 because it uses a filesystem which is visible to operating system B. Thus discovery volume 108 is visible while primary volume 110 is not.

When computer 118 executes the data access API 112 in non-privileged user mode 122, the primary volume 110 and primary data 116 are now accessible along with the discovery volume 108 and its contents, as shown at 124.

FIG. 2 is a diagram of a computer system with an attached storage device 200. Computer system 200 comprises a processor 202 coupled to a memory 204. Stored within memory 204 and configured to execute on processor 202 is an operating system 206. Operating system 206 accesses storage device filesystem 208, which is stored on storage device 106, which is coupled to processor 202. Within storage device filesystem 208 is discovery volume 108. Within discovery volume 108 is cover file 114, virtualized boot region 210, and primary volume 110. The virtualized boot region 210 comprises a discovery volume boot region with a pointer to the original boot area 212, and is described in more detail in FIG. 3 next. Original boot area 212 may be stored in a stash file on primary volume 110.

Also stored on discovery volume 108 is data access API 112, which may be executed in a non-privileged user mode 122 of operating system 206 to allow access to primary data 116.

Discovery Volume Containing a Primary Volume

FIG. is a diagram of a discovery volume 300 containing a primary volume. Virtualized boot region 210 of discovery volume 108 comprises a pointer 302 to original boot area 212 located within the primary volume 110. Also within the discovery volume is a discovery volume file structure 304, which may contain a root directory 306 field in the case of a FAT discovery volume filesystem, and a cover file 114. While one cover file is shown, multiple cover files may be used when the number of sectors to be covered exceeds the discovery volume filesystem per-file size limit. For example, if the discovery volume filesystem limits files to a maximum size of 2 gigabytes, but 4 gigabytes needs to be covered, then two cover files of 2 gigabytes each could be used.

At 308, an information file may also be present within the discovery volume 108. This information file may be visible to users and contain human-readable information, machine-readable information, or both, as to the nature of the primary volume on the disk. This information file may be stored in plain text, hypertext markup language (HTML), or other suitable file format. The information file may contain a warning to users that the primary volume contains data, and refer them to a specific Internet address for technical support.

At 112, the data access API 112 stored within discovery volume 108 gives an accessing system the ability to recognize and access the primary volume 110 and primary data 116 when executed in a non-privileged user mode 122 of the operating system 206. Within primary volume 110 is the stash file containing the relocated boot regions of the primary filesystem 212.

Where the discovery volume file structure uses a FAT format, within the virtualized boot region 210 additional information such as a complete BIOS parameter block (BPB) 310 and associated fields may be present. Because some portions of the boot region are not critical for FAT functionality, other data may be stored therein including pointers to metadata of components utilizing the discovery volume. As a result, these fields may be used to store information necessary for the primary volume or other filesystem volumes to function while still leaving a functional FAT discovery volume. When the FAT structure is in use, the boot region contains fields representing the FAT file structure within the discovery volume.

When the FAT file structure is used by the discovery volume, the VolumeLabel field (0x2b) may be updated to contain “EncryptedVolume,” or a similar string useful to identify the filesystem of the primary volume 110.

Illustrative Data Access API

FIG. 4 is a diagram of a data access API 400 and its relationship with other components. An application 402 may seek to access data on a primary volume. This application may then call a data access API 112. Data access API 112 may comprise an access library module 404 and a discovery volume management module 406. The data access API 112 may then communicate with operating system 206 which communicates with storage device 106's hardware. Application 402 and data access API 112 may be executed in non-privileged user mode.

The access library module 404 provides the ability to access a primary volume 110 in a non-privileged user mode of an operating system. Illustrative code for one implementation of the cover file creation module 404 in the C language follows:

Building a Discovery Volume and Cover Files

FIG. 5 is a diagram of an illustrative process of building a discovery volume 500. At 502, a primary volume 110 of initial configuration is depicted, showing original boot area 212, primary data 116, and free clusters (or other free storage space within the storage device 106) 504. Using the discovery volume management module 406, the original boot area 212 is moved to within the free clusters 504 of the primary volume 110. The actual locations and relative positions of objects in a volume may vary.

At 506, the primary volume is shown after moving the original boot area and creating a discovery volume 108. Within discovery volume 108 is virtualized boot region 210, FAT 304, root directory 306, information file 308, data access API 112, and other components for the functionality of the discovery volume filesystem. The remainder of primary volume 110 comprises primary data 116, free clusters 504, and original boot area 212, which may be stored in a single stash file. This single stash file may be contiguous within the primary volume, and may contain additional space for future use 508.

FIG. 6 is a diagram showing the appearance of a volume having a discovery volume and cover files before and after executing the data access API in a non-privileged user mode 600. At 602, the apparent volume is shown comprising the discovery volume 108 and the cover file 114 when the operating system is unable to recognize the primary volume filesystem and before executing the data access API in non-privileged user mode. Primary data 116 is not visible, nor are free clusters 504, which actually exist underneath the cover file 114 overlay.

At 604, the apparent volume is shown after executing the data access API in non-privileged user mode. The same operating system of 602 above is now able to access the discovery volume, the primary data 116, free clusters 504, and the original boot area 212. The original boot area 212 may be hidden, read only, have access restricted by the data access API, or otherwise be protected 606 from accidental change.

Appearance of Primary Volume with and Without Cover Files

FIG. 7 is a diagram showing the appearance of a volume with and without cover files 700. At 702, when the primary volume filesystem is recognized, the primary data 116, original boot area 212, and free clusters 504 are visible. Discovery volume 108 and virtualized boot region 210 may be hidden, as indicated by the shading of discovery volume 108, with the pointers in boot region 210 redirecting actions to the original boot area 212. Original boot region 212 may also be configured to be the same size as discovery volume 108.

At 704, when the discovery volume is surfaced and no cover files are present, the portions of the volume containing the primary data 116, original boot area 212 and free clusters 504 appear to be apparently unallocated (or “raw”) space 706. This unallocated space 706 may result in a prompt to a user to format, store files within, or make some other undesirable change to the volume, which would damage the actual data stored in a filesystem unrecognized by the accessing system.

At 708, cover file entries 114 are present in the discovery volume filesystem (for example, the FAT file listing). A cover file(s) presents a user with a discovery volume which, at 708, is apparently full. Thus, no prompt for reformatting is presented and, with no free space being shown as available in the discovery volume filesystem, the actual data under the cover files cannot be overwritten.

In another implementation, a discovery volume may be configured where the discovery file system does not extend over the entire volume. In this implementation, there are no cover files in the discovery volume and the discovery volume does not extend over the entire space allocated for the primary volume and reports itself as only consuming the space in the virtualized region. This implementation provides protection from accidental overwriting where an operating system does not typically permit multiple file systems within one volume.

This implementation may be used when non-privileged access to the primary file system through the cover files is unnecessary. For example, there may be a file in the discovery volume that describes to the user how to find and install software to enable access, or a tool may be present that will rewrite, transform, and/or convert the data structures on the disk to enable the accessing system to surface the data stored in the primary file system. In one implementation of this, the changes made by such a tool may be permanent, and the discovery volume may be erased in the process.

Building a Discovery Volume

FIG. 8 is a flow diagram of an illustrative process of building a discovery volume including a data access API 800. The discovery volume creation module 406 may be used to implement these steps.

At 802, a discovery volume is initialized in memory. This discovery volume uses a filesystem which is visible to other operating systems. For example, the FAT filesystem is widely recognized across multiple operating systems and may be used.

At 804, a discovery volume boot region is initialized within the discovery volume. This discovery volume boot region is a virtualized boot region, that is, it contains the boot region information of the discovery volume filesystem, while including pointers to the primary volume filesystem. When the primary volume filesystem is recognized, the pointer allows the accessing system to redirect to the original boot area stored in the volume. When the primary volume filesystem is not recognized, the virtualized boot region provides access to the discovery volume filesystem.

At 806, the original real boot area is moved to a new location in the primary volume. For example, this location may be a single contiguous stash file, which is located anywhere except at the beginning of the volume in the boot sector(s).

At 808, a pointer is constructed in the discovery volume boot region, which points to the original boot area which contains original boot regions.

At 810, the discovery volume is written to the beginning of the volume. This placement in the beginning of the volume insures that an operating system will read the discovery volume boot regions, rather than the original boot area.

At 812, cover file entries are written to the discovery volume filesystem. These cover files are used to make the volume appear to be full of data when surfaced by the discovery volume.

At 814, a data access API including the access library module 404 is written to the discovery volume. Placement of the data access API into the discovery volume makes it visible and accessible to an accessing system which can read the discovery volume filesystem but not the primary filesystem. This data access API is configured to execute in user-mode and allow an operating system which cannot natively recognize the primary filesystem to recognize and access the primary volume data.

Accessing Primary Data on a Primary Volume

FIG. 9 is a flow diagram of an illustrative process of accessing primary data on a primary volume using the data access API 900.

At 902, a virtualized boot region is read by the operating system.

At 904, when the primary volume filesystem is recognized by the operating system and, at 906, the primary volume and primary data are accessible.

When, at 904, the primary volume filesystem is not recognized, at 908, the discovery volume is presented to the user and the discovery volume boot region is read. Cover files make the primary volume appear to be full. Primary data in the primary volume remains inaccessible.

At 910, when the data access API stored in the discovery volume is executed in the non-privileged user mode of the operating system, at 912, the data access API access library module provides the operating system with the functionality to access the primary volume and the primary data within.

Although specific details of illustrative methods are described with regard to the figures and other flow diagrams presented herein, it should be understood that certain acts shown in the figures need not be performed in the order described, and may be modified, and/or may be omitted entirely, depending on the circumstances. As described in this application, modules and engines may be implemented using software, hardware, firmware, or a combination of these. Moreover, the acts and methods described may be implemented by a computer, processor or other computing device based on instructions stored on memory, the memory comprising one or more computer-readable storage media (CRSM).

The CRSM may be any available physical media accessible by a computing device to implement the instructions stored thereon. CRSM may include, but is not limited to, random access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory or other solid-state memory technology, compact disk read-only memory (CD-ROM), digital versatile disks (DVD) or other optical disk storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other medium which can be used to store the desired information and which can be accessed by a computing device. 

1. A computer-implemented method comprising: employing a processor to initialize a discovery volume in a storage device, the discovery volume having a discovery volume filesystem that is recognizable by an accessing system; creating one or more cover files in the discovery volume filesystem to present the discovery volume as full; and creating a virtualized boot region in the discovery volume, the virtualized boot region including a pointer to an original boot region stored in a primary volume with a primary volume filesystem that is unrecognizable by the accessing system.
 2. The method of claim 1, further comprising allowing the accessing system to access the primary volume through the discovery volume.
 3. The method of claim 1, further comprising allowing the accessing system to access the primary volume through the discovery volume, using a non-privileged user mode.
 4. The method of claim 1, wherein the one or more cover files present the discovery volume filesystem as using space that is actually used by the primary filesystem.
 5. The method of claim 1, wherein the discovery volume filesystem is a File Allocation Table (FAT) filesystem.
 6. The method of claim 1, wherein the one or more cover files further provide access to the primary volume.
 7. The method of claim 1, further comprising moving the original boot region to a location in the primary volume.
 8. The method of claim 7, wherein the location is a single, contiguous stash file.
 9. One or more computer-readable storage media storing instructions that, when executed by one or more processors, instruct the one or more processors to perform actions comprising: initializing a discovery volume having a discovery volume filesystem that is recognizable by an accessing operating system; and creating a virtualized boot region in the discovery volume, the virtualized boot region including at least one pointer to an original boot region stored in a primary volume with a primary volume filesystem that is unrecognizable by the accessing operating system.
 10. The one or more computer-readable storage media of claim 9, wherein the actions further comprise creating one or more cover files in the discovery volume filesystem to present the discovery volume as full.
 11. The one or more computer-readable storage media of claim 10, wherein the one or more cover files present the discovery volume as full by claiming one or more data blocks used by the primary volume filesystem as used by the discovery volume filesystem.
 12. The one or more computer-readable storage media of claim 9, wherein the actions further comprise moving data of the original boot region to a new location in the primary volume.
 13. The one or more computer-readable storage media of claim 9, wherein the actions further comprise constructing the at least one pointer in the virtualized boot region.
 14. The one or more computer-readable storage media of claim 9, wherein the at least one pointer points to a data structure containing information referring to the original boot region.
 15. The one or more computer-readable storage media of claim 9, wherein the discovery volume includes an application programming interface (API) that enables access to the primary volume in a non-privileged user mode.
 16. A system comprising: at least one processor; a memory coupled to the at least one processor, the memory storing an operating system configured to execute on the at least one processor; and a storage device coupled to the processor, the storage device including: a discovery volume with a discovery volume filesystem that is recognizable by the operating system; a primary volume with a primary volume filesystem that is unrecognizable by the operating system; one or more cover files in the discovery volume filesystem that present the discovery volume as full; and a virtualized boot region in the discovery volume, the virtualized boot region including a pointer to an original boot region stored in the primary volume.
 17. The system of claim 16, wherein the one or more cover files enable access to the primary volume by the operating system.
 18. The system of claim 16, wherein the primary volume is within the discovery volume.
 19. The system of claim 16, wherein the discovery volume includes at least one information file with information regarding the primary volume.
 20. The system of claim 16, wherein the discovery volume filesystem is at least one of a FAT12, a FAT16, a FAT32, an exFAT, a FATX, a UDF, a NTFS, an ext2, an ext3, an ext4, or a Tux3 filesystem. 